Presented at IWia2010 in Morioka, Japan
Security is a foremost concern for any institution. Investing in the
best technological and physical security products only go so far to protect a
system and often forget to take the users into account. A social engineer can
fairly easily manipulate a system user into granting him or her access despite all
the security measures taken. The best method to counter a social engineering
attack is to implement usable security policies so users know what to do, and to
give all users proper training so they know why they need to follow the
policies